Securely communicating data has been an important issue in today's online computing and data environment. It gains higher importance when the data is related with financial transactions. Typically, a user uses physical cards on a merchants device (that is a point of sale terminal from where the user may have availed any service/product) to make the financial payment. The physical card stores the sensitive data. Generally, the merchant device is loaded with applications that read the data from the physical card, after the user swipes the card onto the merchant's machine.
The recent improvement in this field extends where the user devices such as a mobile phone, PDA etc. are currently loaded with application that reads the data from a card swipe or in the more recent forms—receives an equivalent of card swipe through NFC (near field communication) or other means such as DTF. Card information along with payment details then travels to the acquiring system and finally through payment networks such as Master, Visa, Diners, etc. the information travels to the issuing bank. Such card information and other sensitive information are stored in the secured element of the user device or in the Secure Element in the SIM card. This technique of storing the sensitive information in secure element brings critical dependencies on SIM card owners (such as Telecommunication companies) and/or Phone manufacturers, thus limiting innovation and adoption by financial services industry.
There is a general need to enable a user to perform card transactions without any dependency on storage of sensitive information in the secure element. Several aspects of the present disclosure facilitate the easier way to enable card transactions by securely storing card details (and other sensitive details) without dependency on phone manufacturer or SIM card owner as described in below sections.